Hello,
I'm trying to write a MD2 program. Applied Cryptography by Bruce
Schneier says "Append a 16-byte checksum to the message".
Um, dumb question - How do I make a checksum? Is this the CRC? Is CRC
the only checksum? In any case, does anyone know of an RFC or something
like that that says how to go about making a checksum? Applied
Cryptography doesn't have anything on it (at least, not according to the
index and I can't remember reading anything). I've searched the Web and
found examples in Pascal, C and Forth, but I'd like to understand the big
picture before writing a new one (I need to do it in Java). The RFC
index has two entries with "checksum" in the title, but these seem to be
IP specific.
On a more conversational note:
RIPEM and SSLeay seem to like MD5. RIPEM uses MD2 for it's X.509
certificates but MD5 for it's MIC-Info. There are a bunch of MD5
programs out there and a number written in Java. Bruce Schneier says "I am
wary of MD5" on pge 441 of Applied Cryptography. He states before that
that MD5 hasn't been provven insecure, but weaknesses have been found in
the compression function. If he is wary of this algorithm, then why is
it so popular? It's by far more prevelant than any other message digest
I've seen.
-Dave
drig(_at_)magicweb(_dot_)com
I got a coffee mug from Cray Research when they moved out. Now I can
drink my coffee while doing 63 other, unrelated tasks.